Source: www.databreachtoday.com – Author: 1
D-Link Tells Owners to Buy a Newer Model
Prajeet Nair (@prajeetspeaks) •
April 9, 2024
Network-attached storage manufacturer D-Link says owners of devices vulnerable to remote takeover exploits should suck it up and buy a replacement.
See Also: The Death of Network Hardware Appliances
Internet scans have tallied the number of affected NAS devices – a handful of servers released on average a decade ago – at more than 92,000.
Security researchers late last month disclosed two vulnerabilities affecting DNS-340L, DNS-320L, DNS-327L, and DNS-325 devices.
The vulnerability lies within the nas_sharing.cgi URL, which hackers could exploit two ways: by using hard-coded credentials to insert a backdoor or by command injection.
Tracked as CVE-2024-3272 and CVE-2024-3273, the flaws allow hackers access to sensitive data, allow them to change system configurations, or cause denial of service.
The Taiwanese manufacturer D-Link’s response last Thursday was to tell owners that there won’t be a patch and that the devices should “be retired and replaced.” The devices reached their official end of service life four or more years ago – one of them in 2017.
The Shadowserver Foundation on Monday said that it’s seeing scans and exploits originating from multiple internet addresses for CVE-2024-3273.
“Exploit and PoC details are public. As there is no patch for this vulnerability, these devices should be taken offline/replaced or at least have their remote access firewalled,” the foundation said.
According to GreyNoise, threat actors are using the flaws to unleash a modified version of Mirai botnet malware skid.x86.
Original Post url: https://www.databreachtoday.com/aged-d-link-nas-devices-are-being-exploited-by-hackers-a-24812
Category & Tags: –
